diff --git a/resources/cn/global-overrides2.20.yaml b/resources/cn/global-overrides2.20.yaml new file mode 100644 index 0000000000..886ad2c4c8 --- /dev/null +++ b/resources/cn/global-overrides2.20.yaml @@ -0,0 +1,39 @@ +apiVersion: v1 +data: + lorem: ipsum +kind: ConfigMap +metadata: + annotations: + argocd.argoproj.io/sync-wave: "-1" + argocd.argoproj.io/tracking-id: kcp:/ConfigMap:kcp-system/global-overrides-2.20 + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","data":{"lorem":"ipsum"},"kind":"ConfigMap","metadata":{"annotations":{"argocd.argoproj.io/sync-wave":"-1","argocd.argoproj.io/tracking-id":"kcp:/ConfigMap:kcp-system/global-overrides-2.20"},"labels":{"argocd.argoproj.io/instance":"kcp","kyma-project.io/installation":"","overrides-plan-aws":"true","overrides-plan-azure":"true","overrides-plan-azure_lite":"true","overrides-plan-free":"true","overrides-plan-gcp":"true","overrides-plan-own_cluster":"true","overrides-plan-sap-converged-cloud":"true","overrides-plan-trial":"true","overrides-version-2.20.0":"true","overrides-version-2.20.0-rc1":"true","overrides-version-2.20.0-rc2":"true","overrides-version-2.20.0-rc3":"true","overrides-version-2.20.0-rc4":"true","overrides-version-2.20.1":"true","overrides-version-2.20.2":"true","overrides-version-2.20.3":"true","overrides-version-2.20.4":"true","overrides-version-2.20.5":"true","overrides-version-2.20.6":"true","overrides-version-2.20.7":"true","overrides-version-2.20.8":"true"},"name":"global-overrides-2.20","namespace":"kcp-system"}} + creationTimestamp: "2024-06-04T11:50:57Z" + labels: + argocd.argoproj.io/instance: kcp + kyma-project.io/installation: "" + overrides-plan-aws: "true" + overrides-plan-azure: "true" + overrides-plan-azure_lite: "true" + overrides-plan-free: "true" + overrides-plan-gcp: "true" + overrides-plan-own_cluster: "true" + overrides-plan-sap-converged-cloud: "true" + overrides-plan-trial: "true" + overrides-version-2.20.0: "true" + overrides-version-2.20.0-rc1: "true" + overrides-version-2.20.0-rc2: "true" + overrides-version-2.20.0-rc3: "true" + overrides-version-2.20.0-rc4: "true" + overrides-version-2.20.1: "true" + overrides-version-2.20.2: "true" + overrides-version-2.20.3: "true" + overrides-version-2.20.4: "true" + overrides-version-2.20.5: "true" + overrides-version-2.20.6: "true" + overrides-version-2.20.7: "true" + overrides-version-2.20.8: "true" + name: global-overrides-2.20 + namespace: kcp-system + resourceVersion: "3859090747" + uid: 6682685e-bed7-4176-b309-d8810eede6ab diff --git a/resources/cn/keb-config.yaml b/resources/cn/keb-config.yaml new file mode 100644 index 0000000000..f61188652c --- /dev/null +++ b/resources/cn/keb-config.yaml @@ -0,0 +1,73 @@ +apiVersion: v1 +data: + default: |- + kyma-template: |- + apiVersion: operator.kyma-project.io/v1beta2 + kind: Kyma + metadata: + labels: + "operator.kyma-project.io/managed-by": "lifecycle-manager" + name: tbd + namespace: kcp-system + spec: + channel: fast + modules: + - name: api-gateway + - name: istio + - name: btp-operator + additional-components: [] + own_cluster: |- + kyma-template: |- + apiVersion: operator.kyma-project.io/v1beta2 + kind: Kyma + metadata: + labels: + "operator.kyma-project.io/managed-by": "lifecycle-manager" + name: tbd + namespace: kcp-system + spec: + channel: fast + modules: [] + additional-components: {} +kind: ConfigMap +metadata: + annotations: + argocd.argoproj.io/sync-wave: "-1" + argocd.argoproj.io/tracking-id: kcp:/ConfigMap:kcp-system/keb-config-2.20 + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","data":{"default":"kyma-template: |-\n apiVersion: operator.kyma-project.io/v1beta2\n kind: Kyma\n metadata:\n labels:\n \"operator.kyma-project.io/managed-by\": \"lifecycle-manager\"\n name: tbd\n namespace: kcp-system\n spec:\n channel: fast\n modules:\n - name: api-gateway\n - name: istio\n - name: btp-operator\nadditional-components: []","own_cluster":"kyma-template: |-\n apiVersion: operator.kyma-project.io/v1beta2\n kind: Kyma\n metadata:\n labels:\n \"operator.kyma-project.io/managed-by\": \"lifecycle-manager\"\n name: tbd\n namespace: kcp-system\n spec:\n channel: fast\n modules: []\nadditional-components: {}"},"kind":"ConfigMap","metadata":{"annotations":{"argocd.argoproj.io/sync-wave":"-1","argocd.argoproj.io/tracking-id":"kcp:/ConfigMap:kcp-system/keb-config-2.20"},"labels":{"argocd.argoproj.io/instance":"kcp","keb-config":"true","kyma-project.io/installation":"","overrides-version-2.20.0":"true","overrides-version-2.20.0-rc1":"true","overrides-version-2.20.0-rc2":"true","overrides-version-2.20.0-rc3":"true","overrides-version-2.20.0-rc4":"true","overrides-version-2.20.1":"true","overrides-version-2.20.2":"true","overrides-version-2.20.3":"true","overrides-version-2.20.4":"true","overrides-version-2.20.5":"true","overrides-version-2.20.6":"true","overrides-version-2.20.7":"true","overrides-version-2.20.8":"true","runtime-version-2.20.0":"true","runtime-version-2.20.0-rc1":"true","runtime-version-2.20.0-rc2":"true","runtime-version-2.20.0-rc3":"true","runtime-version-2.20.0-rc4":"true","runtime-version-2.20.1":"true","runtime-version-2.20.2":"true","runtime-version-2.20.3":"true","runtime-version-2.20.4":"true","runtime-version-2.20.5":"true","runtime-version-2.20.6":"true","runtime-version-2.20.7":"true","runtime-version-2.20.8":"true"},"name":"keb-config-2.20","namespace":"kcp-system"}} + creationTimestamp: "2024-06-04T11:50:57Z" + labels: + argocd.argoproj.io/instance: kcp + keb-config: "true" + kyma-project.io/installation: "" + overrides-version-2.20.0: "true" + overrides-version-2.20.0-rc1: "true" + overrides-version-2.20.0-rc2: "true" + overrides-version-2.20.0-rc3: "true" + overrides-version-2.20.0-rc4: "true" + overrides-version-2.20.1: "true" + overrides-version-2.20.2: "true" + overrides-version-2.20.3: "true" + overrides-version-2.20.4: "true" + overrides-version-2.20.5: "true" + overrides-version-2.20.6: "true" + overrides-version-2.20.7: "true" + overrides-version-2.20.8: "true" + runtime-version-2.20.0: "true" + runtime-version-2.20.0-rc1: "true" + runtime-version-2.20.0-rc2: "true" + runtime-version-2.20.0-rc3: "true" + runtime-version-2.20.0-rc4: "true" + runtime-version-2.20.1: "true" + runtime-version-2.20.2: "true" + runtime-version-2.20.3: "true" + runtime-version-2.20.4: "true" + runtime-version-2.20.5: "true" + runtime-version-2.20.6: "true" + runtime-version-2.20.7: "true" + runtime-version-2.20.8: "true" + name: keb-config-2.20 + namespace: kcp-system + resourceVersion: "3859090746" + uid: 9225253d-f74b-47e6-9f38-619515cc7c10 diff --git a/resources/cn/sql.yaml b/resources/cn/sql.yaml new file mode 100644 index 0000000000..9682c159b9 --- /dev/null +++ b/resources/cn/sql.yaml @@ -0,0 +1,10 @@ +metadata: + name: kcp-postgresql + namespace: kcp-system +stringData: + postgresql-broker-username: "postgres" + postgresql-broker-password: + postgresql-broker-db-name: "postgres" + postgresql-serviceName: "keb-database.cluster-cbakie0uyuvu.rds.cn-northwest-1.amazonaws.com.cn" + postgresql-servicePort: "5432" + postgresql-sslMode: disable \ No newline at end of file diff --git a/resources/cn/values.yaml b/resources/cn/values.yaml new file mode 100644 index 0000000000..dad93c2ece --- /dev/null +++ b/resources/cn/values.yaml @@ -0,0 +1,130 @@ +# This file contains values for KEB chart needed to install it in CN region. + +global: + images: + cloudsql_proxy_image: "europe-docker.pkg.dev/kyma-project/prod/tpi/cloudsql-docker/gce-proxy:v1.33.16-133356bc" + container_registry: + path: 113663649212.dkr.ecr.cn-northwest-1.amazonaws.com.cn/kcp-cn + schema_migrator: + dir: "" + version: "v20240307-f250dc83" # do not update along with the other images + kyma_environment_broker: + dir: + version: "1.5.23" + database: + cloudsqlproxy: + enabled: false + +archiving: + enabled: true + dryRun: false +cleaning: + enabled: true + dryRun: false + +avs: + disabled: true + +broker: + events: + enabled: true +binding: + enabled: false + + +dashboardConfig: + enabled: true + landscapeURL: https://dashboard.kyma.cloud.sap # **CN** + +edp: + disabled: true + +enableKubeconfigURLLabel: true + +enablePlans: azure,gcp,azure_lite,aws,trial,free,sap-converged-cloud + +ias: + disabled: true + +includeAdditionalParamsInSchema: true + +# must be configured +kubeconfig: + allowOrigins: https://dashboard.kyma.cloud.sap + clientID: 12b13a26-d993-4d0c-aa08-5f5852bbdff6 + issuerURL: https://kyma.accounts.ondemand.com + +kymaVersion: 2.20.0 +kymaVersionOnDemand: false +lifecycleManager: + disabled: true + +infrastructureManager: + disabled: true + + +oidc: + client: 12b13a26-d993-4d0c-aa08-5f5852bbdff6 + issuer: https://kyma.accounts.ondemand.com + keysURL: https://kyma.accounts.ondemand.com/oauth2/certs + +osbUpdateProcessingEnabled: true +provisioner: + dumpRequests: false + gardenerClusterStepTimeout: 3m +runtimeAllowedPrincipals: |- + - cluster.local/ns/kcp-system/sa/kcp-kyma-metrics-collector + - cluster.local/ns/monitoring-system/sa/mop-agent +serviceAccount: + annotations: + iam.gke.io/gcp-service-account: proxy-user@sap-ti-dx-kyma-mps-prod.iam.gserviceaccount.com +serviceManager: + overrideMode: "Always" + +showTrialExpirationInfo: true +skrDNSProvidersValues: |- + providers: + - domainsInclude: [ "kyma.ondemand.com" ] + primary: true + secretName: "aws-route53-secret-prod" + type: "aws-route53" +skrOIDCDefaultValues: |- + issuerURL: "https://kyma.accounts.ondemand.com" + clientID: "12b13a26-d993-4d0c-aa08-5f5852bbdff6" + groupsClaim: "groups" + signingAlgs: [ "RS256" ] + usernamePrefix: "-" + usernameClaim: "sub" +subaccountCleanup: + enabled: false +subaccountsIdsToShowTrialExpirationInfo: all + + +trialCleanup: + enabled: false +freeCleanup: + enabled: false +runtimeReconciler: + enabled: false +deprovisionRetrigger: + enabled: false + +subaccountSync: + enabled: false + +metricsv2: + enabled: true + operationResultRetentionPeriod: 336h + operationResultPoolingInterval: 1m + operationStatsPoolingInterval: 1m +onlyOneFreePerGA: true +freemiumWhitelistedGlobalAccountIds: |- + whitelist: + - d9994f8f-7e46-42a8-b2c1-1bfff8d2fe05 +showFreeExpirationInfo: true +freeDocsURL: + https://help.sap.com/docs/btp/sap-business-technology-platform/available-plans-in-kyma-environment + + +serviceMonitor: + enabled: false diff --git a/resources/keb/templates/deployment.yaml b/resources/keb/templates/deployment.yaml index 44d1929a84..dec483e40b 100644 --- a/resources/keb/templates/deployment.yaml +++ b/resources/keb/templates/deployment.yaml @@ -20,6 +20,8 @@ spec: annotations: checksum/config: {{ include (print $.Template.BasePath "/app-config.yaml") . | sha256sum }} spec: + imagePullSecrets: + - name: k8s-ecr-login-renew-docker-secret {{ if .Values.global.isLocalEnv }} # HostAliases are used by Pod to resolve kyma.local domain hostAliases: diff --git a/resources/keb/templates/deprovision-retrigger-job.yaml b/resources/keb/templates/deprovision-retrigger-job.yaml index ce89e5baf7..8a9948ec49 100644 --- a/resources/keb/templates/deprovision-retrigger-job.yaml +++ b/resources/keb/templates/deprovision-retrigger-job.yaml @@ -1,3 +1,4 @@ +{{ if .Values.deprovisionRetrigger.enabled }} apiVersion: batch/v1 kind: CronJob metadata: @@ -118,3 +119,4 @@ spec: optional: true {{- end}} schedule: "{{ .Values.deprovisionRetrigger.schedule }}" +{{ end }} \ No newline at end of file diff --git a/resources/keb/templates/free-cleanup-job.yaml b/resources/keb/templates/free-cleanup-job.yaml index 22dc93c19b..9c9d0fd955 100644 --- a/resources/keb/templates/free-cleanup-job.yaml +++ b/resources/keb/templates/free-cleanup-job.yaml @@ -1,3 +1,4 @@ +{{ if .Values.freeCleanup.enabled }} apiVersion: batch/v1 kind: CronJob metadata: @@ -126,3 +127,4 @@ spec: optional: true {{- end}} schedule: "{{ .Values.freeCleanup.schedule }}" +{{ end }} \ No newline at end of file diff --git a/resources/keb/templates/migrator-job.yaml b/resources/keb/templates/migrator-job.yaml index 6eb607b3f6..ae26d3896b 100644 --- a/resources/keb/templates/migrator-job.yaml +++ b/resources/keb/templates/migrator-job.yaml @@ -32,6 +32,8 @@ spec: serviceAccountName: {{ .Values.global.kyma_environment_broker.serviceAccountName }} restartPolicy: Never shareProcessNamespace: true + imagePullSecrets: + - name: k8s-ecr-login-renew-docker-secret containers: {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled true)}} - name: cloudsql-proxy @@ -55,7 +57,7 @@ spec: {{- end }} {{- end}} - name: migrator - image: {{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.schema_migrator.dir }}/schema-migrator:{{ .Values.global.images.schema_migrator.version }} + image: {{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.schema_migrator.dir }}schema-migrator:{{ .Values.global.images.schema_migrator.version }} imagePullPolicy: IfNotPresent command: - /bin/program diff --git a/resources/keb/templates/trial-cleanup-job.yaml b/resources/keb/templates/trial-cleanup-job.yaml index 538b1232a2..3b17b5f893 100644 --- a/resources/keb/templates/trial-cleanup-job.yaml +++ b/resources/keb/templates/trial-cleanup-job.yaml @@ -1,3 +1,4 @@ +{{- if .Values.trialCleanup.enabled }} apiVersion: batch/v1 kind: CronJob metadata: @@ -126,3 +127,4 @@ spec: optional: true {{- end}} schedule: "{{ .Values.trialCleanup.schedule }}" + {{ end }} \ No newline at end of file diff --git a/resources/keb/values.yaml b/resources/keb/values.yaml index 2ba64724d1..9348e7b10e 100644 --- a/resources/keb/values.yaml +++ b/resources/keb/values.yaml @@ -120,7 +120,6 @@ broker: memory: false events: enabled: false - enableShootAndSeedSameRegion: "false" binding: enabled: false @@ -376,6 +375,7 @@ subaccountCleanup: schedule: "0 1 * * *" trialCleanup: + enabled: true schedule: "0,15,30,45 * * * *" dryRun: true expirationPeriod: 336h @@ -383,6 +383,7 @@ trialCleanup: testSubaccountID: "prow-keb-trial-suspension" freeCleanup: + enabled: true schedule: "0,15,30,45 * * * *" dryRun: true expirationPeriod: 2160h # 90 days @@ -392,6 +393,7 @@ freeCleanup: deprovisionRetrigger: schedule: "0 2 * * *" dryRun: true + enabled: true subaccountSync: enabled: true